Rule 506 is a non-exclusive safe harbor from the registration requirements of the Securities Act of 1933. If an offering meets the conditions of either Rule 506(b) or 506(c), it is deemed to not involve a public offering within the meaning of Section 4(a)(2) of the Securities Act. It is somewhat paradoxical, therefore, that an offering under Rule 506(c) may involve a general solicitation and still not be considered to be a public offering. Nonetheless this is what Congress mandated in Section 201 of the Jumpstart Our Business Startups (JOBS) Act.
Rule 506(c) requires that all purchasers be "accredited investors" and that the issuer take reasonable steps to verify their status as such. What if all purchasers are in fact "accredited investors" but the issuer has failed to take reasonable steps? One might assume that this would be a good case in which to apply the "no harm, no foul" rule.
The SEC, however, didn't see it that way in a recent administrative proceeding. According to the SEC, the offering involved a general solicitation by means of a website that was not password protected, blog postings, and media interviews and digital asset and blockchain conferences, accessible both via live attendance and through the Internet. Ultimately, 22 purchasers invested. After the SEC initiated its investigation, the respondent retained a third party who confirmed that all 22 of the investors were accredited investors. Although the SEC did not allege fraud and acknowledged that investors suffered no loss, it still insisted on issuing a cease and desist order and imposing a $50,000 civil penalty.
Rule 506(c)(2)(ii) requires that an "issuer shall take reasonable steps to verify". The rule, however, does not expressly state when these reasonable steps must be taken. Nonetheless, this action demonstrates that the SEC believes that the steps must be taken before, and not after, the fact. The SEC's enforcement position is arguably consistent with the staff's position in Compliance & Disclosure Interpretation #260.07 ("The verification requirement must be satisfied even if all purchasers happen to be accredited investors. "). However, the enforcement action was not a case of a failure to verify, but a case of ex post facto verification.
Another curious aspect of the SEC's action is that the respondent was not the actual issuer of the securities. The respondent was the managing member and manager to the issuer. Nonetheless, the SEC did not charge the actual issuer and treated the manager as a primary violator.